package com.shopoo.oauth.wap;

import java.security.Principal;

import javax.annotation.Resource;

import com.google.gson.Gson;
import com.shopoo.dto.PageResponse;
import com.shopoo.dto.Response;
import com.shopoo.dto.SingleResponse;
import com.shopoo.oauth.api.UserService;
import com.shopoo.oauth.dto.clientobject.TokenCO;
import com.shopoo.oauth.dto.clientobject.UserCO;
import com.shopoo.oauth.dto.clientobject.UserDetailDTO;
import com.shopoo.oauth.dto.cqe.LoginCmd;
import com.shopoo.oauth.dto.cqe.UserAddCmd;
import com.shopoo.oauth.dto.cqe.UserCheckCmd;
import com.shopoo.oauth.dto.cqe.UserPowerUpdateCmd;
import com.shopoo.oauth.dto.cqe.UserQry;
import com.shopoo.oauth.dto.cqe.UserUpdateCmd;
import com.shopoo.oauth.dto.cqe.UserUpdateStatusCmd;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@Api(tags = "用户服务API")
@RequestMapping("/users")
@RestController
@Slf4j
public class UserController {

    @Resource
    private UserService userService;

    /**
     * @Description: 校验token的权限范围
     * @Author: limy66
     * @Date:   2021/3/24 9:10
     * @Param:  [user]
     * @Return: java.security.Principal
     */
    @ApiOperation("校验token的权限范围")
    @PreAuthorize("#oauth2.hasScope('read')")
    @GetMapping("/scope")
    public Principal scope(Principal user){
        return user;
    }

    /**
     * @Description: 添加一个用户
     * @Author: limy66
     * @Date:   2021/3/12 16:27
     * @Param:  [oauthUser]
     * @Return: com.bngrp.common.entity.Response
     */
    @ApiOperation("添加一个用户")
    @PostMapping
    public Response add(@Validated @RequestBody UserAddCmd userAddCmd) {
        log.info("添加用户：{}", new Gson().toJson(userAddCmd));
        return userService.add(userAddCmd);
    }

    /**
     * @Description 更新用户信息
     *
     * @Param [oauthUser]
     * @Return com.suntak.exception.model.Response
     * @Date 10:46 下午 2020/11/17
     * @Author <a href="mailto:android_li@sina.cn">Joe</a>
     */
    @ApiOperation("更新用户信息")
    @PutMapping("/update")
    public Response update(@Validated @RequestBody UserUpdateCmd userUpdateCmd) {
        log.info("更新用户信息：{}", new Gson().toJson(userUpdateCmd));
        return userService.updateById(userUpdateCmd);
    }

    /**
     * @Description: 更新用户状态
     * @Author: limy66
     * @Date:   2021/5/17 16:36
     * @Param:  [userUpdateStatusCommand]
     * @Return: com.bngrp.common.entity.Response
     */
    @ApiOperation("更新用户状态")
    @PutMapping("/updateStatus")
    public Response updateUserStatus(@Validated @RequestBody UserUpdateStatusCmd userUpdateStatusCmd) {
        return userService.updateUserStatus(userUpdateStatusCmd);
    }

    /**
     * @Description: 更新用户权限信息
     * @Author: limy66
     * @Date:   2021/3/23 15:27
     * @Param:  [userPowerUpdateCommand]
     * @Return: com.bngrp.common.entity.Response
     */
    @ApiOperation("更新指定用户的权限信息")
    @PutMapping("/update/roles")
    public Response updatePower(@Validated @RequestBody UserPowerUpdateCmd userPowerUpdateCmd) {
        log.info("更新用户权限信息：{}", new Gson().toJson(userPowerUpdateCmd));
        return userService.updatePower(userPowerUpdateCmd);
    }

    /**
     * @Description: 用户登录
     * @Author: limy66
     * @Date:   2021/8/30 15:35
     * @Param:  [loginInfo]
     * @Return: com.shopoo.common.api.Response<com.shopoo.oauth2.client.dto.Oauth2TokenDTO>
     */
    @ApiOperation("用户登录")
    @PostMapping("login")
    public SingleResponse<TokenCO> login(@RequestBody LoginCmd loginCmd) {
        return userService.login(loginCmd);
    }

    @ApiOperation("用户退出登录")
    @PostMapping("logout")
    public Response logout() {
        return Response.buildSuccess();
    }

    @ApiOperation("验证码")
    @PostMapping("twoStepCode")
    public Response twoStepCode() {
        return Response.buildSuccess();
    }

    /**
     * @Description 分页查询用户
     *
     * @Param [userReq]
     * @Return com.suntak.exception.model.Response
     * @Date 10:36 下午 2020/11/17
     * @Author <a href="mailto:android_li@sina.cn">Joe</a>
     */
    @ApiOperation("分页查询用户")
    @GetMapping("/list")
    public PageResponse findByConditions(@Validated UserQry userQry) {
        return userService.findByConditions(userQry);
    }

    @ApiOperation("根据userId获取用户信息")
    @GetMapping("/getByUserId")
    public SingleResponse<UserCO> findByUserId(@RequestParam("userId") String userId) {
        return userService.findByUserId(userId);
    }

    /**
     * @Description: 根据userId获取用户信息
     * @Author: limy66
     * @Date:   2021/4/7 10:20
     * @Param:  [userId]
     * @Return: com.bngrp.common.entity.Response
     */
    @ApiOperation("根据用户授权信息获取用户信息")
    @GetMapping("/info")
    public SingleResponse<UserDetailDTO> findUserinfo(@RequestHeader("userId") String userId){
        return userService.findUserInfo(userId);
    }

    /**
     * @Description: 检查用户名是否可用
     * @Author: limy66
     * @Date:   2021/3/23 16:06
     * @Param:  [username]
     * @Return: com.bngrp.common.entity.Response
     */
    @ApiOperation("检查用户名是否可用")
    @PostMapping("/username")
    public Response checkUsername(@Validated @RequestBody UserCheckCmd userCheckCmd) {
        return userService.checkUsername(userCheckCmd.getUsername());
    }

}
